A recent Hiscox report revealed that seven in 10 (69%) U.S. companies report an increase in cyberattacks compared to the previous year. The report underscores that cyber threats now pose a greater risk to organizations than bankruptcy, according to the survey.
According to the report, U.S. business leaders consider cyberattacks and data breaches (32%) to be a bigger threat to their organizations than skills shortages (30%) and bankruptcy (27%). With an average of 62 cyber incidents per business each year — or more than one attack or attempt per week — U.S. companies are facing threats as often as many receive company-wide communications from leadership or weekly newsletters.
Suffering from ransomware (32%) or virus outbreaks (37%) proves to be the most common cyberattack outcome for businesses, with 56% also reporting financial losses due to payment diversion fraud and 36% citing loss of encrypted data. As a result, 72% of U.S. companies recognize the importance of cyber resilience as integral to their business strategy.
Paying a ransom offers no assurance of full data recovery; in fact, only 7% of businesses who paid a ransom successfully retrieved all their data, and 10% experienced data leaks despite payment. After an attack, reputational challenges loom, with 43% of businesses struggling to attract new clients due to the damage caused.
Phishing emails appear to still be the primary method of choice for cyber criminals, accounting for 57% of ransomware incidents. Among companies that have faced an increase in their cyber risk exposure, they credit a substantial lack of employee awareness (41%).
Failing to decommission outdated systems was identified as the primary driver of rising cyber risk (47%), with legacy systems presenting greater vulnerabilities than employee personal device usage (39%).
Businesses that opted to pay ransoms did so because 35% lacked adequate data backups and were unable to restore their data.